package author

import (
	"net/http"
	"video/api/response"
	"video/api/session"
)

var HEADER_FILELD_SESSION = "X-Session-ID"
var HEADER_FILELD_USNAME = "X-User-Name"

func ValidateUserSession(w http.ResponseWriter, r *http.Request) bool {
	sid := r.Header.Get(HEADER_FILELD_SESSION)
	if len(sid) == 0 { //创建session
		return false
	}
	uname, ok := session.InSessionExpired(sid)
	if ok {
		response.SendErrorResponse(w, response.ErrorNotAuthUser)
		return true
	}
	r.Header.Add(HEADER_FILELD_USNAME, uname)
	return false
}

func ValidateUser(w http.ResponseWriter, r *http.Request) bool {
	uname := r.Header.Get(HEADER_FILELD_USNAME)
	sessionId := r.Header.Get(HEADER_FILELD_SESSION)
	if len(uname) > 0 && len(sessionId) > 0 && uname != session.GenerateNewSessionId(sessionId) {
		response.SendErrorResponse(w, response.ErrorNotAuthUser)
		return false
	}

	return true
}
